recommendations for personal firewall?

servnov · 08-15-2005, 03:08 PM

I just want some additional security, privacy, and piece of mind. Would a simple script with iptables with dropping incoming connections be all that is required? What other options might I have?

halo14 · 08-15-2005, 03:17 PM

you may want to check out guarddog or firestarter as GUI frontends to develop iptables structures..

personally... i really like SmoothWall. It is a customized Linux distrobution... so it needs to run on it's own box... it works great... i have been running one at home and in a corporateenvironment for a little over a year now.. not a single breach.. and the box doesn't have to be very powerful either... the one I use at home is a Pentium MMX 200 MHz with 32 MB RAM and a 3 GB HDD...

All configuration is done via web-interface...definitely worth checking out if you have a spare old box somewhere... I also have been wanting to check out m0n0wall and pfSense(both based on FreeBSD) which are firewall distro's with a web interface similar to SmoothWall.. I just haven't had time, and SmoothWall works great.... otherwise... like I said.. guard dog and firestarter are good GUI's to help with your iptables implementation...

servnov · 08-15-2005, 07:19 PM

ok, cool. So with Smooth wall, you can just do a default install on a machine plug in an ethernet cord and remote config; similar to a linksys router config? I am def gonna try firestarter, thanks.

halo14 · 08-16-2005, 07:40 AM

yeah, except you need 2 network cards... 1 for the internet and 1 for the internal network... let me try to draw a rudimentary diagram...

Code:

{{internet}}==>[SmoothWall]==>(LAN)

I think you get the point...

anyways.. yeah.. it's an easy and fast install(the ISO is only a little over 30MB) and then some basic configuration in an ncurses based system for configuring your red and green connections(red=internet, green=local network).. setting up IP's, DHCP server(if you want it to do that), etc... It's really easy... and there is a help forum on the smoothwall site.. they are fast to respond and friendly... just as they are on this site...

good luck

Vgui · 08-16-2005, 11:19 AM

Basically most firewalls just setup iptables for you, then add a few logging options. So if you are competent with iptables I would recommend just using that.
Personally I use Shorewall for my single computer setup, as using a seperate firewall box seems overkill for my needs